自动登录,是将客户端登录验证通过的信息记录在客户端的cookie里,当下次登录时,通过cookie中记录的用户ID和Token,与数据库中的用户登录状态进行比较,比较通过以后自动登录。
1、验证通过以后,写入cookie
HttpCookie identityCookie = new HttpCookie("identity"); identityCookie.HttpOnly = false; identityCookie.Expires = DateTime.MaxValue; identityCookie["userID"] ="2"; identityCookie["token"] = (new Guid("837A2825-5649-4686-A071-FC3C8D267123")).ToString(); HttpContext.Request.Cookies.Add(identityCookie); HttpContext.Response.Cookies.Add(identityCookie);
2、判断是否已登录
public bool IsLogin { get { return LoginUser != null; } } public User LoginUser { get { var user= HttpContext.Items["identity"] as User; if(user==null) { //判断是否记录过cookie var cookIdentity = HttpContext.Request.Cookies["identity"]; if (cookIdentity != null) { var userID =int.Parse(cookIdentity["userID"]); var token =new Guid(cookIdentity["token"]); //var mac = cookIdentity["mac"]; LoginHelp loginHelp=new LoginHelp(); user= loginHelp.GetUserByToken(userID,token); HttpContext.Items["identity"] = user; } } return user; } }
3、判断是否已登录,已登录就进行跳转
[HttpGet] public ActionResult Login() { if (Logined) { return RedirectToAction("Index"); } return View(); }
接下来要写两篇文章,对HttpContext和cookie进行了解。